Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown Exe


  • Please log in to reply
2 replies to this topic

#1 WorBlades

WorBlades

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:12:44 PM

Posted 18 March 2007 - 06:25 PM

OK, I noticed a log in my history folders in IE that I was not familiar with. I deleted it last night but it was back today - and I had not surfed the net at all yet.

125.212.52.245

Had no idea what this was, but the last time I had a strange IP show up like this in my IE history it turned out to be a VBS/Psyme trojan. Difficult to get rid of for someone of limited comp. tech. skills like myself.

The first thing I did was check what programs my McAfee was allowing net access to. That's where I noticed that it had blocked a program I didn't recognize. "mljgf.exe" After finding this I banned the 125.212.52.245 address and went searching on mljgf.

Google gives me lots of info on .dll files with this name that are spyware, but no exe's. My McAfee did not find anything and neither did my Adaware. I searched my comp for files modified or created on or around the same time as this mljgf.exe (yesterday 3-17-07 @ 6:27 pm). There were two other files with the exact same date and time.

HwLocal.xdb
lzexalg.dll

The HwLocal seems to be part of McAfee, but I'm finding nothing on lzexalg. I'm just concerned about having spyware or something worse. Knowing that something's there and not knowing how to get rid of it is frustrating. Any ideas? Thanks.

BC AdBot (Login to Remove)

 


#2 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,259 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:11:44 AM

Posted 18 March 2007 - 06:33 PM

Sounds like a job for the BC's own crack team of HijackTHis analysts.

Read this topic on how to post a HJT log.

#3 Arshad Parvez

Arshad Parvez

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:11:44 PM

Posted 19 March 2007 - 03:00 AM

Hi,

Its a spyware. You can find info on this at:

http://spywarefiles.prevx.com/RRHGEB18607413/MLJGF.EXE.html

Best of luck.

ArshadParvez




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users